In addition to the "OpenVPN: OpenVPN Access Server setup and AWS VPC peering" post, here is a DNS settings example.
We have the ci.example.com domain, which has to resolve to the Public IP of its AWS EC2 instance when requested from the Internet, or to its Private IP when requested via a VPN connection.
To achieve this, you can use the dnsmasq service installed on the OpenVPN AS host.
Install it:
Create a /etc/dnsmasq.hosts file with hardcoded Private IPs for the necessary services:
10.0.5.10 ci.example.com
172.31.36.107 nexus-repo.example.com
10.0.3.105 rabbitadmin-production.example.com
10.0.1.6 monitor.example.com
Next, update the /etc/dnsmasq.conf file and add the addn-hosts option:
listen-address=127.0.0.1
listen-address=10.0.10.4
bind-interfaces
log-queries
addn-hosts=/etc/dnsmasq.hosts
Restart the dnsmasq service:
Check locally:
Good.
Now go to your OpenVPN's admin page => VPN Settings and set the "Have clients use specific DNS servers" option to Yes:
In the Primary DNS Server field, set the Private IP of the EC2 instance where your OpenVPN server is running.
Restart your VPN connection on a workstation:
Check local resolv.conf:
Check DNS resolution:
And any other:
Done.
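The two dnsmasq files from this setup can be linted before each restart so the resolver stays limited to loopback and the VPN-side address and the overrides only point at private IPs. This is an added example, not part of the original post; the function names are hypothetical and "Private IP" is assumed to mean an RFC 1918 address.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Constructed samples that mirror the two files shown in this post.
SAMPLE_HOSTS = "10.0.5.10 ci.example.com\n172.31.36.107 nexus-repo.example.com\n"
SAMPLE_CONF = "listen-address=127.0.0.1\nlisten-address=10.0.10.4\nbind-interfaces\naddn-hosts=/etc/dnsmasq.hosts\n"

def parse_ip(text):
    try:
        return ipaddress.ip_address(text)
    except ValueError:
        return None

def is_rfc1918(addr):
    return any(addr in net for net in RFC1918)

def entries(text):
    """Non-empty lines with '#' comments stripped."""
    stripped = (raw.split("#", 1)[0].strip() for raw in text.splitlines())
    return [line for line in stripped if line]

def lint_hosts(text):
    """Flag addn-hosts lines that are malformed or do not map to a private IP."""
    findings = []
    for line in entries(text):
        ip, *names = line.split()
        addr = parse_ip(ip)
        if addr is None or not names:
            findings.append(f"malformed entry: {line}")
        elif not is_rfc1918(addr):
            findings.append(f"not a private address: {line}")
    return findings

def lint_conf(text):
    """Flag dnsmasq.conf settings looser than the restricted setup in this post."""
    findings, listen, keys = [], [], set()
    for line in entries(text):
        key, _, value = (part.strip() for part in line.partition("="))
        keys.add(key)
        if key == "listen-address":
            listen += [v.strip() for v in value.split(",") if v.strip()]
    if not listen:
        findings.append("no listen-address: not limited to loopback and the VPN-side IP")
    for ip in listen:
        addr = parse_ip(ip)
        if addr is None or not (addr.is_loopback or is_rfc1918(addr)):
            findings.append(f"listen-address not loopback/private: {ip}")
    findings += [f"missing option: {k}" for k in ("bind-interfaces", "addn-hosts") if k not in keys]
    return findings
```

To check the real files, pass the contents of /etc/dnsmasq.hosts and /etc/dnsmasq.conf to lint_hosts() and lint_conf(); an empty list means nothing was flagged.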